EP2535833A1 - Verfahren zur Sicherung eines elektrischen Geräts - Google Patents
Verfahren zur Sicherung eines elektrischen Geräts Download PDFInfo
- Publication number
- EP2535833A1 EP2535833A1 EP11305746A EP11305746A EP2535833A1 EP 2535833 A1 EP2535833 A1 EP 2535833A1 EP 11305746 A EP11305746 A EP 11305746A EP 11305746 A EP11305746 A EP 11305746A EP 2535833 A1 EP2535833 A1 EP 2535833A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- crs
- secure element
- secure
- elements
- client1
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/88—Detecting or preventing theft or loss
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B13/00—Burglar, theft or intruder alarms
- G08B13/02—Mechanical actuation
- G08B13/14—Mechanical actuation by lifting or attempted removal of hand-portable articles
- G08B13/1427—Mechanical actuation by lifting or attempted removal of hand-portable articles with transmitter-receiver for distance detection
Definitions
- the invention relates in particular to a pairing made between several electronic devices in order to render these devices inoperative in case of theft.
- Domestic electronic devices such as, for example, televisions, computers, or media players, are a frequent target of theft, by their ease of transportation, and resale.
- a stolen electronic device can not be traced, deactivated, or blocked, as could be for example a mobile phone.
- the present invention proposes a solution to this problem, by rendering an electronic device inoperative in the event of theft.
- the invention relates, in a first step: a method of securing a first electrical device said client1, with a second electrical device called CRS, each of these devices comprising at least one secure electronic element.
- These secure electronic elements having at least one means of communication, a memory containing an identifier, and a processor.
- This secure channel can be established according to a symmetric cryptographic scheme and a so-called code pairing code, known from each of the secure elements.
- This pairing code can be generated by one of the secure elements, or be provided by the user to at least one of the elements (3, 4).
- the communication key can be generated by the secure element of the CRS, or it can be generated randomly.
- the invention also relates to an electrical device containing a secure element comprising at least one communication means, a memory and a processor, this secure element is able to prevent the putting into service of the electrical device without a successful authentication with a second element. secure, contained in a second electrical device.
- the figure 1 illustrates an implementation of the invention with a first electronic device 1, called "CRS" (Secure Network Controller) illustrated by an electric meter, and a second electronic device 2 illustrated by a television.
- CRS Cure Network Controller
- Each of these devices comprises a secure element, 3 and 4, according to the invention, for example an electronic chip.
- this secure element is an electronic component integrated in the devices, and thus not extractable. For this reason, the chip of a device, and the device itself may be confused in the present description, without prejudice to the understanding of the invention.
- the chips include at least one non-volatile memory, a volatile memory, calculation means and communication means.
- the nonvolatile memory of the chips contains at least one "unique" identifier.
- This identifier can advantageously be a serial number of the secure element, but it can also be any information enabling differentiation of the secured elements, for example a user-defined identifier if it is possible for it to be registered (device electric devices provided with an input means, for example a keyboard or a remote control).
- the chip 3 of an electronic device such as the TV 2 of the figure 1 allows to allow or not the start of the electronic device as such.
- commissioning will be used in this specification to refer to the placing of a device in a state where it can provide the service for which it was designed. This expression designates, for example, for a television the state in which it makes it possible to display images and sound requested by the user. In most cases, commissioning is when the power is turned on. However, it is possible that devices have standby states (for example during which they display the time), so under power, that the present description is distinguished from the actual functional state.
- the chip is connected to the power supply of the device.
- the chip locks a master and essential component of the device, for example the block "switching power supply" for a TV, the tuner for a satellite decoder, etc ...
- an electronic device 2 (here the TV) is in an unpaired mode. In this mode, it is inoperative. Its lighting only allows access to an initialization procedure.
- each of the chips 3 and 4, contained in the devices 1 and 2 have in their non-volatile memory at least one information on the type of the device with which it is associated.
- This type can for example be "CRS”, "audio device”, “video device”, “television”, etc.
- the chip 3 of the television set 2 will search accessible communicating electronic devices.
- This communication is done through any means of communication known to those skilled in the art, such as a network cable, a PLC connection (for in-line carrier current), a radio frequency communication, etc.
- This search can be done, for example according to the model defined in the Bluetooth standard, or by any other means known to those skilled in the art.
- the chip 3 of the television 2 will collect the type or types of each of these devices thus identified.
- the chip 3 of the TV will identify the device 1 CRS type, so the electricity meter, and initiate a pairing procedure with the chip 4 it contains.
- the pairing procedure is preferably initiated by the unpaired device, here the TV 2.
- the chip 4 of the counter 1 sends the chip 4 of the counter 1 a pairing request 7.
- the pairing is done by checking the knowledge of each of the devices to be paired, a code called said pairing code.
- This code can be generated by one of the two devices, and inserted into the other.
- This procedure requires a display means in, at least the device generating the code to transmit it to the user, and an input means in at least the device to receive it. In a preferred mode, it is the CRS that generates this code, and then it enters the new device to be paired.
- the electric meter 1 generates (with its chip 4) a code, which is displayed on its screen. The user enters this code with the chip 3 of the TV 4 with the buttons on the remote control.
- this code can also be chosen arbitrarily by the user, in which case it is necessary to provide it to CRS 1 and the device to be paired 2.
- Verification of the mutual knowledge of this pairing code can be done by any known means, in particular that defined in the Bluetooth protocol, or by any of the known cryptographic methods of mutual authentication based on a common secret.
- This code makes it possible to establish a secure communication channel between the two secure elements according to any symmetrical algorithm.
- the pairing procedure according to the invention provides for an exchange of the identifiers of the two secure elements.
- the secure element of the device being paired sends its identifier to the secure element of the CRS, and the secure element of the CRS sends its identifier to the secure element contained in the device being paired.
- This exchange of identifier can for example be done through the secure communication channel.
- the pairing procedure ends with the creation of a key 5 called the key of communication.
- This key can be generated by any means known to those skilled in the art, for example randomly or according to the Diffie-Hellman algorithm.
- This key can be generated by the secure element of the CRS (for example randomly, or from a random number), and then transmitted to the secure element of the device being paired through the secure communication channel.
- this key can be defined by the user, in which case he can either enter the secure element of the CRS, which will transfer it to the secure element of the device being paired through the secure communication channel, or enter it into each of the secure elements through the input interfaces of the corresponding devices.
- This key is unique to the two paired devices. Thus each pairing between two devices will generate a communication key.
- An electrical device (excluding CRS) according to the invention can be paired with only one other device: a CRS.
- the CRS is paired with all the electrical devices according to the invention.
- This key 5 is stored in the non-volatile memory of the secure elements 3 and 4 of the CRS 1 as well as the device being paired 2.
- this key is recorded in the chip 3 of the television 2, and in the chip 4 of the electric meter 1.
- the chip 3 of the television 2 thus contains, in addition to the information already present, the identifier of the electric meter 1 and the associated communication key 5.
- the chip 4 of the electric meter 1 contains, in addition to information already present, the identifier of the television 2, and the associated communication key 5.
- the secure element 4 and 17 of the CRS 1 and 16 contains all the identifiers of the devices that are paired 2, 10 and 13, and the corresponding communication keys 5, 12 and 15.
- the system described in figure 2 presents a CRS device 16 according to the invention, illustrated by a electric meter, and two paired devices 10 and 13, illustrated by a television and a computer, each containing an electronic chip 11 and 14, according to the invention.
- the chip 17 of the electric meter contains the identifiers of the chips 11 and 14 of the television and the computer, as well as the respective communication keys 12 and 15.
- the chip 14 that it contains enters an authentication phase.
- the chip 14 of the computer starts a procedure of "mutual recognition / verification": it consists in checking the presence of the chip 17 of the electric meter, as well as his knowledge of the communication key 15 contained in the chip of the computer. This knowledge can be done for example by sending a message to the chip 17 of the electricity meter 16, encrypted with the aid of the recorded communication key 15, and waiting for a message-dependent response. sent, also encrypted by the same key. If this verification is successful, the computer can be put into service.
- the chip 14 of the computer can advantageously enter a so-called alert mode.
- the user is informed, for example through a message displayed on the computer screen, of the situation.
- This situation can occur, for example, in the event of failure or extinction of the electricity meter, or even in case of theft of the computer.
- one embodiment of the invention provides a system where, in turn, certain apparatuses which have the capacity to do so, can take the role of "CRS" by exchange. key securely enough.
- the CRS change mechanism (also called reallocation mechanism) can be randomized or based on a time counter.
- the chip 17 of the electric meter identifies the paired devices, active at this given instant, and able to take the function of CRS, then authenticates each in turn.
- the ability of the devices to take the function of CRS can advantageously be based on the "type" contained in the respective secure elements, or depending on the technical capabilities of the chips contained in the devices or devices themselves. For example the ability to generate a communication key, or to communicate this key to the user.
- the computer 13 and the TV 10 a choice can designate one of them, said new CRS. This choice can be made randomly, or for example with the participation of the user. In the example of the figure 2 , the television 10.
- the chip 17 of the electricity meter exchanges the communication keys 15 and 12, which it contains with the chip 11 of the television, which then informs the chip contained in the computer of its identifier.
- the chip 14 contained in the computer inscribes this new identifier in its memory instead of the identifier of the previous CRS, by associating it with the communication key 15 already registered. This mechanism makes it possible not to provoke new generations of keys between the devices and the new CRS. However, a reset of all pairings remains a solution according to the invention.
- the chips 17 and 14, the electric meter 16 and the computer 13 contain the identity of the chip 11 of the television 10 and their respective communication keys 12, and 15.
- a particularly advantageous mode of the invention provides an unlocking system for each device paired with the "CRS".
- This system may consist of a common key called “master key”, recorded in each device during the pairing phase, which allows, once seized in a device, to put it in a state said unpaired.
- this key once defined, is recorded in the CRS, which transmits it to each of the paired devices, encrypted with the corresponding communication key.
- This key can be chosen by the user or generated by the CRS, and is preferably common to all devices paired with the same CRS for reasons of simplicity.
- this key can be contained in an independent electronic device (for example a USB key) which will be inserted into each of the devices to be unlocked.
- an independent electronic device for example a USB key
- This procedure also makes it possible to release a device from the influence of the CRS, for example to sell it.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Selective Calling Equipment (AREA)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP11305746A EP2535833A1 (de) | 2011-06-15 | 2011-06-15 | Verfahren zur Sicherung eines elektrischen Geräts |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP11305746A EP2535833A1 (de) | 2011-06-15 | 2011-06-15 | Verfahren zur Sicherung eines elektrischen Geräts |
Publications (1)
Publication Number | Publication Date |
---|---|
EP2535833A1 true EP2535833A1 (de) | 2012-12-19 |
Family
ID=44484765
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP11305746A Withdrawn EP2535833A1 (de) | 2011-06-15 | 2011-06-15 | Verfahren zur Sicherung eines elektrischen Geräts |
Country Status (1)
Country | Link |
---|---|
EP (1) | EP2535833A1 (de) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11329827B2 (en) | 2014-09-02 | 2022-05-10 | Apple Inc. | Method of using one device to unlock another device |
CN115202952A (zh) * | 2022-09-15 | 2022-10-18 | 北京智芯微电子科技有限公司 | 电能表费控功能的测试方法、系统及测试主机、存储介质 |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2843819A1 (fr) * | 2002-08-21 | 2004-02-27 | Thomson Licensing Sa | Appareil electrique securise contre le vol, systeme antivol comportant un tel appareil et procede d'appariement d'appareils electriques |
-
2011
- 2011-06-15 EP EP11305746A patent/EP2535833A1/de not_active Withdrawn
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2843819A1 (fr) * | 2002-08-21 | 2004-02-27 | Thomson Licensing Sa | Appareil electrique securise contre le vol, systeme antivol comportant un tel appareil et procede d'appariement d'appareils electriques |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11329827B2 (en) | 2014-09-02 | 2022-05-10 | Apple Inc. | Method of using one device to unlock another device |
CN115202952A (zh) * | 2022-09-15 | 2022-10-18 | 北京智芯微电子科技有限公司 | 电能表费控功能的测试方法、系统及测试主机、存储介质 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2003107585A1 (fr) | Procédé d'échange sécurisé d'informations entre deux dispositifs | |
EP2884716A1 (de) | Authentifizierungsverfahren über Jeton | |
EP3238474B1 (de) | Verfahren zur sicherung kontaktloser transaktionen | |
FR2926938A1 (fr) | Procede d'authentification et de signature d'un utilisateur aupres d'un service applicatif, utilisant un telephone mobile comme second facteur en complement et independamment d'un premier facteur | |
WO2009019298A1 (fr) | Système d'information et procédé d'identification par un serveur d'application d'un utilisateur | |
EP1393527A1 (de) | Verfahren zur authentifizierung zwischen einem tragbaren funkgerät und einem netzdienstleister | |
EP1525748A1 (de) | Verfahren und elektronischer modul für sicheren datenübetragung | |
WO2006125885A1 (fr) | Procede de controle de la connexion d'un peripherique a un point d'acces, point d'acces et peripherique correspondants | |
WO2013050296A1 (fr) | Procede de telechargement securise de cles d'acces au moyen d'un dispositif mobile | |
EP1867189A1 (de) | Gesicherte übertragung zwischen einem datenbearbeitungsgerät und einem sicherheitsmodul | |
EP3552327A1 (de) | Verfahren zur personalisierung einer sicheren transaktion während einer funkkommunikation | |
EP1949590A1 (de) | Verfahren zum sicheren deponieren digitaler daten, diesbezügliches verfahren zum wiederherstellen digitaler daten, diesbezügliche einrichtungen zum implementieren von verfahren und system mit den einrichtungen | |
EP2535833A1 (de) | Verfahren zur Sicherung eines elektrischen Geräts | |
EP3672374A1 (de) | Vorrichtungen und verfahren zur abgleichung einer drahtlosen steuerungsvorrichtung mit einem elektronischen gerät | |
FR3051273A1 (fr) | Technique d'authentification d'un dispositif utilisateur | |
EP4260210A1 (de) | Verwaltungsverfahren zur authentifizierung eines benutzers einer vorrichtung auf einem geräteelement durch pasword | |
FR3067192B1 (fr) | Appareil electronique comportant deux memoires et procede d'appairage associe | |
EP3552136B1 (de) | Verfahren zur verwaltung einer zugangsberechtigung zu einem dienst für eine kommunikationsvorrichtung | |
FR3043291A1 (fr) | Communication entre deux elements de securite inseres dans deux objets communicants | |
WO2020128203A1 (fr) | Procédé et système de sécurisation d'opérations, et poste utilisateur associé | |
EP1723788B1 (de) | Prozess zur verwaltung der handhabung von daten des bedingten zugangs durch mindestens zwei decodierer | |
FR3100407A1 (fr) | Procédé pour activer des droits d’accès à un service auquel a souscrit un abonné | |
EP1883034A2 (de) | Methode zum Schützen eines elektronischen Geräts durch Verwendung einer Chipkarte | |
WO2017089710A1 (fr) | Procédé de distribution de droits sur un service et plateforme de service | |
FR3108224A1 (fr) | Procédé de gestion d’une phase de demande d’appairage entre dispositifs de traitement de données. |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
AX | Request for extension of the european patent |
Extension state: BA ME |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20130620 |